A new OpenSSL vulnerability on 1.0.1 through 1.0.1f is out today,
which can be used to reveal up to 64kB of memory to a connected client
or server.
https://blog.torproject.org/blog/openssl-bug-cve-2014-0160
The short version is: upgrade your openssl (unless you're running an
old one), and also more packages coming soon.
--Roger